diego

Bnjour comment se fait il que je n'ai plus de réponse ? Merci

Bonjour J'ai fait ce qui était demandé et posté les rapports dans mon avant dernier message Merci d'analyser ces rapports

Bonjour j'avais posté un rapport HikackThis dans mon dernier message pourriez vous l'analyser Merci à toute l'équipe

bonjour sur ton message d'hier à 00H26 tu me demandais de passer l'outil Trend Anti malware et de virer tout ce qu'il trouvait ce que j'ai fait ; puis de passer l'antivirus de Trend House Call .J'ai essayé mais l'analyse s'arrête en plein milieu et la fenêtre se ferme. dans ton message de ce matin à 02h tu me demandes d'exécuter combofix.exe voilà le rapport ComboFix 06.10.19 - Running from: "C:\Program Files\HijackThis" (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\drsmartload2.dat ((((((((((((((((((((((((((((((( Files Created from 2008-10-06 to 2008/11/2006 )))))))))))))))))))))))))))))))))) No new files created in this timespan (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2014/02/2006 21:39 4992 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys 2014/02/2006 21:39 4288 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys 2012/07/2006 22:25 23424 --a------ C:\WINDOWS\system32\drivers\avgmfrs.sys 2010/10/2004 00:58 8552 --a------ C:\WINDOWS\system32\drivers\asctrm.sys (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "Update Service"="\"C:\\Program Files\\Fichiers communs\\Teknum Systems\\update.exe\" /startup" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "NvCplDaemon"="RUNDLL32.EXE NvQTwk,NvCplDaemon initialize" "EM_EXEC"="C:\\PROGRA~1\\MOUSEW~1\\SYSTEM\\EM_EXEC.EXE" "ACTIVBOARD"="C:\\Apps\\ActivBoard\\MMKeybd.exe" "BHR4.1"="C:\\Program Files\\Zamaan's Software\\Browser Hijack Retaliator 4.1\\BHR4.1.exe" "AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP" "MessengerPlus3"="\"C:\\Program Files\\MessengerPlus! 3\\MsgPlus.exe\"" "TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "VCSPlayer"="\"C:\\Program Files\\Virtual CD v4 SDK\\system\\vcsplay.exe\"" "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe" "!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000001 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,e6,00,00,00,00,00,00,00,9a,03,00,00,3e,03,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\ 00,00,01,00,00,00 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" "AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" "AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoDrives"=dword:0000e000 "NoDriveAutoRun"=dword:0000e000 "NoCDBurning"=dword:00000000 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Completion time: 08/11/2006 6:25:03,98 C:\ComboFix.txt ... 08/11/2006 06:25 bonne chance

salut je n'ai pas pu répondre plus tôt car j'ai été absent quelques jours j'ai repassé AVG AS en suivant la procédure (j'étais en mode normal et non en mode sans échec car en mode sans échec le bouclier résident ne peut être activé) compte rendu AVG AS --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 20:11:28 05/11/2006 + Résultat de l'analyse: Rien à signaler. Fin du rapport j'ai refait également un scan en ligne avec Panda compte rendu Panda Incident Statut Analyse Adware:adware/abox No Désinfecté c:\windows\ABox.exe Adware:adware/dollarrevenue No Désinfecté c:\windows\drsmartload2.dat Adware:adware/windowenhancer No Désinfecté c:\windows\system32\SBUtils Outil indésirable:application/winantispyware2006 No Désinfecté c:\program files\WinAntiSpyware 2006 Scanner Adware:adware/wupd No Désinfecté Registre Windows Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\chris\Application Data\Mozilla\Firefox\Profiles\b7m8xx5i.default\cookies.txt[.xiti.com/] Spyware:Cookie/Hbmediapro No Désinfecté C:\Documents and Settings\chris\Application Data\Mozilla\Firefox\Profiles\b7m8xx5i.default\cookies.txt[.adopt.hbmediapro.com/] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt[.xiti.com/] Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\CHRISTIAN\Bureau\JUNK\l2mfix.exe[l2mfix/Process.exe] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\CHRISTIAN\Cookies\christian@xiti[1].txt Adware:Adware/DollarRevenue No Désinfecté C:\install.exe Outil indésirable:Application/Processor No Désinfecté C:\Program Files\Mozilla Firefox\l2mfix\Process.exe Outil indésirable:Application/Pskill.A No Désinfecté C:\WINDOWS\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE] Outil indésirable:Application/Pskill.A No Désinfecté C:\WINDOWS\system\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE] Outil indésirable:Application/WinAntispyware2006 No Désinfecté C:\WINDOWS\system32\drivers\uwasfsd.sys compte rendu HijackThis Logfile of HijackThis v1.99.1 Scan saved at 20:19:24, on 06/11/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Apps\ActivBoard\MMKeybd.exe C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.1\BHR4.1.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\iFinger\iFinger.exe C:\Apps\ActivBoard\nhksrv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\DNA Digital Media Group\Nestle Fitness Virtual Coach\dcu.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Apps\ActivBoard\TrayMon.exe C:\Apps\ActivBoard\OSD.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMP\_VWUPSRV.EXE C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\explorer.exe C:\Program Files\PowerArchiver\POWERARC.EXE C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\_PA981\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://qrhvesfirbncprveriyw.com/VlPV6p/MTt...w8Sw8e8a3X.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe O4 - HKLM\..\Run: [bHR4.1] C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.1\BHR4.1.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup O4 - Startup: dcu.lnk = ? O4 - Startup: reminder.lnk = ? O4 - Global Startup: iFinger 2.0.lnk = C:\Program Files\iFinger\iFinger.exe O9 - Extra button: iFinger - {936E5D60-596C-11D3-BB96-00600816DF55} - C:\WINDOWS\System32\SHDOCVW.DLL O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: AntiVir Update Temp (TmpUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMP\_VWUPSRV.EXE O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe Bonne analyse

Voilà c'est fait rapport de AVG AS --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 20:20:45 29/10/2006 + Résultat de l'analyse: :mozilla.24:C:\Documents and Settings\CHRISTIAN\Application Data\Thunderbird\Profiles\ngpmq0om.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.19:C:\Documents and Settings\CHRISTIAN\Application Data\Thunderbird\Profiles\ngpmq0om.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.20:C:\Documents and Settings\CHRISTIAN\Application Data\Thunderbird\Profiles\ngpmq0om.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.23:C:\Documents and Settings\CHRISTIAN\Application Data\Thunderbird\Profiles\ngpmq0om.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.18:C:\Documents and Settings\chris\Application Data\Mozilla\Firefox\Profiles\b7m8xx5i.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé. :mozilla.19:C:\Documents and Settings\chris\Application Data\Mozilla\Firefox\Profiles\b7m8xx5i.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé. :mozilla.20:C:\Documents and Settings\chris\Application Data\Mozilla\Firefox\Profiles\b7m8xx5i.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé. Fin du rapport et le rapport de PANDA Incident Statut Analyse Adware:adware/abox No Désinfecté c:\windows\ABox.exe Adware:adware/dollarrevenue No Désinfecté c:\windows\drsmartload2.dat Adware:adware/windowenhancer No Désinfecté c:\windows\system32\SBUtils Outil indésirable:application/winantispyware2006 No Désinfecté c:\program files\WinAntiSpyware 2006 Scanner Adware:adware/wupd No Désinfecté Registre Windows Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\chris\Application Data\Mozilla\Firefox\Profiles\b7m8xx5i.default\cookies.txt[.xiti.com/] Spyware:Cookie/Hbmediapro No Désinfecté C:\Documents and Settings\chris\Application Data\Mozilla\Firefox\Profiles\b7m8xx5i.default\cookies.txt[.adopt.hbmediapro.com/] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt[.xiti.com/] Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt[.bluestreak.com/] Virus:VBS/Bagle.Q Désinfecté C:\Documents and Settings\CHRISTIAN\Application Data\Thunderbird\Profiles\ngpmq0om.default\Mail\pop.libertysurf.fr\Inbox[document.pif] Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\CHRISTIAN\Bureau\JUNK\l2mfix.exe[l2mfix/Process.exe] Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\CHRISTIAN\Cookies\christian@bluestreak[2].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\CHRISTIAN\Cookies\christian@xiti[1].txt Adware:Adware/DollarRevenue No Désinfecté C:\install.exe Outil indésirable:Application/Processor No Désinfecté C:\Program Files\Mozilla Firefox\l2mfix\Process.exe Outil indésirable:Application/Pskill.A No Désinfecté C:\WINDOWS\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE] Outil indésirable:Application/Pskill.A No Désinfecté C:\WINDOWS\system\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE] Outil indésirable:Application/WinAntispyware2006 No Désinfecté C:\WINDOWS\system32\drivers\uwasfsd.sys bon courage

Voilà c'est fait j'ai sauvegardé le rapport dans le répertoire c/program files/HijackThis c'est vrai que mon systeme d'exploit est dépassé je n'ai jamis fait de misevà jour je crains mainten

Oui je pense être infecté Voici le rapport HijackThis Logfile of HijackThis v1.99.1 Scan saved at 02:12:17, on 29/10/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Apps\ActivBoard\nhksrv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Apps\ActivBoard\MMKeybd.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.1\BHR4.1.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMP\_VWUPSRV.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Messenger\msmsgs.exe C:\Apps\ActivBoard\TrayMon.exe C:\Apps\ActivBoard\OSD.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\DNA Digital Media Group\Nestle Fitness Virtual Coach\dcu.exe C:\Program Files\DNA Digital Media Group\Nestle Fitness Virtual Coach\Reminder.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\PowerArchiver\POWERARC.EXE C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\_PA47\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://qrhvesfirbncprveriyw.com/VlPV6p/MTt...w8Sw8e8a3X.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe O4 - HKLM\..\Run: [bHR4.1] C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.1\BHR4.1.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup O4 - Startup: dcu.lnk = ? O4 - Startup: reminder.lnk = ? O4 - Global Startup: iFinger 2.0.lnk = C:\Program Files\iFinger\iFinger.exe O9 - Extra button: iFinger - {936E5D60-596C-11D3-BB96-00600816DF55} - C:\WINDOWS\System32\SHDOCVW.DLL O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: AntiVir Update Temp (TmpUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMP\_VWUPSRV.EXE O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe Que dois je faire ? Merci de votre aide.

Bonjour depuis un certain temps mon PC rame Je l'entends mouliner alors que je ne travaille pas dessus j'ai souvent le message : manque de mémoire je pense qu'il i y a des spywares virus ..., notamment Look2Me Que puis je faire ? Merci d'avance Diego

Merci beaucoup Cela marche correctement maintenant

je suis allé sur le bios 'AMIBIOS NEW SETUP UTILITY VERSION 3.31' dans le menu Power management configuration il y avait acpi sleep type : S3 suspend time out (minute) : disabled resume on ring : enabled resume on PME# : enabled power button function : suspend restore on ac power loss :power off resume on rtc alarm : disabled je n'ai rien changé au démarrage j'arrive sur un écran qui me demande quel systeme d'exploitation je choisis windows xp console de récupération... par défaut windows xp est surligné

Non je viens de refaire le test Évidemment cette fois il ne redémarre pas tout seul j'ai fait l'essai TROIS fois mais pas de redémarrage.pourtant cette semaine c'est arrivé plusieurs fois Mais je peux dire tout de même qu'il n'y a pas d'écran bleu avant le redémarrage Je dois préciser que j'ai mis cet ordi en réseau avec un autre ordi(ordi portable) par l'intermédiaire du modem club internet adsl wi fi merci de votre aide

BONJOUR Mon ordi redémarre tout seul après l'avoir arrêté par Démarrer "arrêter l'ordinateur" Il redémarre tout seul au bout de quelques secondes ou plusieurs minutes La dernière fois j'ai désactivé redémarrer automatiquement dans défaillance du système (démarrage et récupération) mais il a quand même redémarré tout seul après que j'ai éteind l'ordi. Que dois je faire ? Merci par avance de votre coopération

Bonjour je n'ai pas eu de réponse à mon dernier envoi de Hijack mais je suppose que vous êtes très occupés J'arrive bien maintenant à surfer. Plus de pubs et de redirection je voulais juste savoir s'il y a de bon antivirus anti spywares antispam gratuits et lesquels Merci d'avance java script:emoticon('', 'smid_15') DIEGO

voici le nouveau rapport Logfile of HijackThis v1.99.1 Scan saved at 20:58:17, on 06/02/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Apps\ActivBoard\nhksrv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Apps\ActivBoard\MMKeybd.exe C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.1\BHR4.1.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\slserv.exe C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMP\_VWUPSRV.EXE C:\Program Files\iFinger\iFinger.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\Apps\ActivBoard\TrayMon.exe C:\Apps\ActivBoard\OSD.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\System32\ctfmon.exe C:\WINDOWS\System32\wuauclt.exe C:\Documents and Settings\CHRISTIAN\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe O4 - HKLM\..\Run: [bHR4.1] C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.1\BHR4.1.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: iFinger 2.0.lnk = C:\Program Files\iFinger\iFinger.exe O9 - Extra button: iFinger - {936E5D60-596C-11D3-BB96-00600816DF55} - C:\WINDOWS\System32\SHDOCVW.DLL O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: AntiVir Update Temp (TmpUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMP\_VWUPSRV.EXE O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

Bonjour Jack j'ai suivi ta procédure Voici mon nouveau rapport HijackThis Logfile of HijackThis v1.99.1 Scan saved at 19:55:15, on 06/02/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Apps\ActivBoard\nhksrv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Apps\ActivBoard\MMKeybd.exe C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.1\BHR4.1.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\slserv.exe C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMP\_VWUPSRV.EXE C:\Program Files\iFinger\iFinger.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\Apps\ActivBoard\TrayMon.exe C:\Apps\ActivBoard\OSD.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\System32\msiexec.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\ctfmon.exe C:\WINDOWS\System32\wuauclt.exe C:\Documents and Settings\CHRISTIAN\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://qrhvesfirbncprveriyw.com/VlPV6p/MTt...w8Sw8e8a3X.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe O4 - HKLM\..\Run: [bHR4.1] C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.1\BHR4.1.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: iFinger 2.0.lnk = C:\Program Files\iFinger\iFinger.exe O9 - Extra button: iFinger - {936E5D60-596C-11D3-BB96-00600816DF55} - C:\WINDOWS\System32\SHDOCVW.DLL O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: AntiVir Update Temp (TmpUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMP\_VWUPSRV.EXE O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe Sinon j'ai toujours Windows installer qui essaie de reinstaller Word 2002 au démarrage du PC (alors que Word est déjà installé : Il était préinstallé à l'achat avec Windows XP) Word 2002 et Windows se trouvent sur 1 partition cachée du disque dur (ordi Packard Bell)

Voila j'ai fait ce qui étatit demandé rapport Ewido --------------------------------------------------------- ewido anti-malware - Rapport de scan --------------------------------------------------------- + Créé le: 20:01:25, 05/02/2006 + Somme de contrôle: 6865476A + Résultats du scan: HKLM\SOFTWARE\Classes\Interface\{EA232A0A-46F8-4D44-A30B-50321518A828} -> Spyware.HotBar : Nettoyer et sauvegarder [796] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Nettoyer et sauvegarder [848] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Erreur durant le nettoyage [1056] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Erreur durant le nettoyage [1604] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Erreur durant le nettoyage [1636] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Erreur durant le nettoyage [1692] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Erreur durant le nettoyage [1836] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Erreur durant le nettoyage [620] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Erreur durant le nettoyage [1412] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Erreur durant le nettoyage [2468] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Erreur durant le nettoyage :mozilla.11:C:\Documents and Settings\chris\Application Data\Mozilla\Firefox\Profiles\b7m8xx5i.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.12:C:\Documents and Settings\chris\Application Data\Mozilla\Firefox\Profiles\b7m8xx5i.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.13:C:\Documents and Settings\chris\Application Data\Mozilla\Firefox\Profiles\b7m8xx5i.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.14:C:\Documents and Settings\chris\Application Data\Mozilla\Firefox\Profiles\b7m8xx5i.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.15:C:\Documents and Settings\chris\Application Data\Mozilla\Firefox\Profiles\b7m8xx5i.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.16:C:\Documents and Settings\chris\Application Data\Mozilla\Firefox\Profiles\b7m8xx5i.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.17:C:\Documents and Settings\chris\Application Data\Mozilla\Firefox\Profiles\b7m8xx5i.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder C:\Documents and Settings\chris\Local Settings\Temp\Del3.tmp -> Spyware.180Solutions : Nettoyer et sauvegarder C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\Cache\2DC223BBd01 -> Spyware.NewDotNet : Nettoyer et sauvegarder C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\Cache\9BC5A85Fd01/lopremover.exe -> Adware.Lop : Erreur durant le nettoyage :mozilla.8:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.2o7 : Nettoyer et sauvegarder :mozilla.9:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.2o7 : Nettoyer et sauvegarder :mozilla.16:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Doubleclick : Nettoyer et sauvegarder :mozilla.38:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Revenue : Nettoyer et sauvegarder :mozilla.39:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.40:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.41:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.42:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.43:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.44:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.45:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.46:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder :mozilla.47:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Revenue : Nettoyer et sauvegarder :mozilla.48:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Revenue : Nettoyer et sauvegarder :mozilla.49:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Revenue : Nettoyer et sauvegarder :mozilla.50:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Revenue : Nettoyer et sauvegarder :mozilla.51:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Revenue : Nettoyer et sauvegarder :mozilla.52:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Revenue : Nettoyer et sauvegarder :mozilla.53:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Revenue : Nettoyer et sauvegarder :mozilla.54:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Revenue : Nettoyer et sauvegarder :mozilla.55:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Revenue : Nettoyer et sauvegarder :mozilla.56:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Revenue : Nettoyer et sauvegarder :mozilla.63:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Casalemedia : Nettoyer et sauvegarder :mozilla.64:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Casalemedia : Nettoyer et sauvegarder :mozilla.65:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Casalemedia : Nettoyer et sauvegarder :mozilla.66:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Casalemedia : Nettoyer et sauvegarder :mozilla.67:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Casalemedia : Nettoyer et sauvegarder :mozilla.68:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Casalemedia : Nettoyer et sauvegarder :mozilla.70:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Falkag : Nettoyer et sauvegarder :mozilla.71:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Falkag : Nettoyer et sauvegarder :mozilla.72:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Falkag : Nettoyer et sauvegarder :mozilla.73:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Falkag : Nettoyer et sauvegarder :mozilla.74:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Advertising : Nettoyer et sauvegarder :mozilla.77:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Paypopup : Nettoyer et sauvegarder :mozilla.78:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Paypopup : Nettoyer et sauvegarder :mozilla.79:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Paypopup : Nettoyer et sauvegarder :mozilla.80:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Paypopup : Nettoyer et sauvegarder :mozilla.81:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Paypopup : Nettoyer et sauvegarder :mozilla.103:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder :mozilla.104:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder :mozilla.105:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder :mozilla.106:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Overture : Nettoyer et sauvegarder :mozilla.107:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Overture : Nettoyer et sauvegarder :mozilla.132:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Smartadserver : Nettoyer et sauvegarder :mozilla.133:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Smartadserver : Nettoyer et sauvegarder :mozilla.134:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Smartadserver : Nettoyer et sauvegarder :mozilla.135:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Bluestreak : Nettoyer et sauvegarder :mozilla.161:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Adtech : Nettoyer et sauvegarder :mozilla.162:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Adtech : Nettoyer et sauvegarder :mozilla.174:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Estat : Nettoyer et sauvegarder :mozilla.186:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Mediaplex : Nettoyer et sauvegarder :mozilla.191:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Bpath : Nettoyer et sauvegarder :mozilla.192:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Nettoyer et sauvegarder :mozilla.195:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder :mozilla.196:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Serving-sys : Nettoyer et sauvegarder :mozilla.197:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Serving-sys : Nettoyer et sauvegarder :mozilla.198:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Serving-sys : Nettoyer et sauvegarder :mozilla.199:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Serving-sys : Nettoyer et sauvegarder :mozilla.208:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Sitestat : Nettoyer et sauvegarder :mozilla.209:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Sitestat : Nettoyer et sauvegarder :mozilla.213:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Nettoyer et sauvegarder :mozilla.214:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Nettoyer et sauvegarder :mozilla.215:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Nettoyer et sauvegarder :mozilla.216:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Nettoyer et sauvegarder :mozilla.217:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Nettoyer et sauvegarder :mozilla.219:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Com : Nettoyer et sauvegarder :mozilla.220:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Com : Nettoyer et sauvegarder :mozilla.292:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Statcounter : Nettoyer et sauvegarder :mozilla.308:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Hitslink : Nettoyer et sauvegarder :mozilla.309:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Hitslink : Nettoyer et sauvegarder :mozilla.310:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Hitslink : Nettoyer et sauvegarder :mozilla.311:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Hitslink : Nettoyer et sauvegarder :mozilla.312:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Googleadservices : Nettoyer et sauvegarder :mozilla.315:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.247realmedia : Nettoyer et sauvegarder :mozilla.316:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.247realmedia : Nettoyer et sauvegarder :mozilla.321:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Atdmt : Nettoyer et sauvegarder :mozilla.325:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Googleadservices : Nettoyer et sauvegarder :mozilla.327:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Comclick : Nettoyer et sauvegarder :mozilla.328:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Comclick : Nettoyer et sauvegarder :mozilla.329:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Comclick : Nettoyer et sauvegarder :mozilla.359:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Valuead : Nettoyer et sauvegarder :mozilla.360:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Valuead : Nettoyer et sauvegarder :mozilla.361:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Valuead : Nettoyer et sauvegarder :mozilla.362:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Valuead : Nettoyer et sauvegarder :mozilla.368:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Trafficmp : Nettoyer et sauvegarder :mozilla.369:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Trafficmp : Nettoyer et sauvegarder :mozilla.370:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Trafficmp : Nettoyer et sauvegarder :mozilla.371:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Trafficmp : Nettoyer et sauvegarder :mozilla.372:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Trafficmp : Nettoyer et sauvegarder :mozilla.373:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Trafficmp : Nettoyer et sauvegarder :mozilla.387:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Nettoyer et sauvegarder :mozilla.388:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Nettoyer et sauvegarder :mozilla.389:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Nettoyer et sauvegarder :mozilla.391:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Itrack : Nettoyer et sauvegarder :mozilla.394:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Directnetadvertising : Nettoyer et sauvegarder :mozilla.395:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Googleadservices : Nettoyer et sauvegarder :mozilla.396:C:\Documents and Settings\CHRISTIAN\Application Data\Mozilla\Firefox\Profiles\pt6ejkwp.default\cookies.txt -> Spyware.Cookie.Googleadservices : Nettoyer et sauvegarder C:\Documents and Settings\CHRISTIAN\Bureau\lopremover\lopremover.exe -> Adware.Lop : Nettoyer et sauvegarder C:\Documents and Settings\CHRISTIAN\Bureau\lopremover.zip/lopremover.exe -> Adware.Lop : Erreur durant le nettoyage C:\Documents and Settings\CHRISTIAN\Bureau\uninstall6_38.exe -> Spyware.NewDotNet : Nettoyer et sauvegarder C:\Documents and Settings\CHRISTIAN\Cookies\christian@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder C:\Documents and Settings\CHRISTIAN\Cookies\christian@ads.pointroll[2].txt -> Spyware.Cookie.Pointroll : Nettoyer et sauvegarder C:\Documents and Settings\CHRISTIAN\Cookies\christian@ads1.revenue[1].txt -> Spyware.Cookie.Revenue : Nettoyer et sauvegarder C:\Documents and Settings\CHRISTIAN\Cookies\christian@casalemedia[1].txt -> Spyware.Cookie.Casalemedia : Nettoyer et sauvegarder C:\Documents and Settings\CHRISTIAN\Cookies\christian@estat[1].txt -> Spyware.Cookie.Estat : Nettoyer et sauvegarder C:\Documents and Settings\CHRISTIAN\Cookies\christian@revenue[2].txt -> Spyware.Cookie.Revenue : Nettoyer et sauvegarder C:\Documents and Settings\CHRISTIAN\Cookies\christian@tradedoubler[1].txt -> Spyware.Cookie.Tradedoubler : Nettoyer et sauvegarder C:\Documents and Settings\CHRISTIAN\Cookies\christian@weborama[2].txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder C:\Documents and Settings\CHRISTIAN\Cookies\christian@www.smartadserver[2].txt -> Spyware.Cookie.Smartadserver : Nettoyer et sauvegarder C:\Documents and Settings\CHRISTIAN\Cookies\christian@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Nettoyer et sauvegarder C:\Documents and Settings\CHRISTIAN\Local Settings\Temp\Cookies\christian@atdmt[1].txt -> Spyware.Cookie.Atdmt : Nettoyer et sauvegarder C:\Documents and Settings\CHRISTIAN\Local Settings\Temp\Cookies\christian@estat[1].txt -> Spyware.Cookie.Estat : Nettoyer et sauvegarder C:\Documents and Settings\Invité\Local Settings\Temp\Del63.tmp -> Spyware.180Solutions : Nettoyer et sauvegarder C:\OEMCUST\TOOLS\WIN32\PSKILL.EXE -> Not-A-Virus.NetTool.Win32.PsKill : Nettoyer et sauvegarder C:\Program Files\C2Media\Setup.exe -> Spyware.Lop : Nettoyer et sauvegarder C:\Program Files\Mozilla Firefox\l2mfix\backup.zip/dlls/acphelp.dll -> Spyware.Look2Me : Erreur durant le nettoyage C:\Program Files\Mozilla Firefox\l2mfix\backup.zip/dlls/dn6801jue.dll -> Spyware.Look2Me : Erreur durant le nettoyage C:\Program Files\Mozilla Firefox\l2mfix\backup.zip/dlls/en8sl1l71.dll -> Spyware.Look2Me : Erreur durant le nettoyage C:\Program Files\Mozilla Firefox\l2mfix\backup.zip/dlls/j2p00c7mef.dll -> Spyware.Look2Me : Erreur durant le nettoyage C:\Program Files\Mozilla Firefox\l2mfix\backup.zip/dlls/j40sled71h0.dll -> Spyware.Look2Me : Erreur durant le nettoyage C:\Program Files\Mozilla Firefox\l2mfix\backup.zip/dlls/jTp00c7mef.dll -> Spyware.Look2Me : Erreur durant le nettoyage C:\Program Files\Mozilla Firefox\l2mfix\backup.zip/dlls/n62u0gf9e62.dll -> Spyware.Look2Me : Erreur durant le nettoyage C:\Program Files\Mozilla Firefox\l2mfix\backup.zip/dlls/n6r20g9oe6.dll -> Spyware.Look2Me : Erreur durant le nettoyage C:\Program Files\Mozilla Firefox\l2mfix\backup.zip/dlls/p8p6li7s18.dll -> Spyware.Look2Me : Erreur durant le nettoyage C:\Program Files\Mozilla Firefox\l2mfix\backup.zip/dlls/pGqsp.dll -> Spyware.Look2Me : Erreur durant le nettoyage C:\Program Files\Mozilla Firefox\l2mfix\backup.zip/dlls/wmssvc.dll -> Spyware.Look2Me : Erreur durant le nettoyage C:\Program Files\Mozilla Firefox\l2mfix\dlls\acphelp.dll -> Spyware.Look2Me : Nettoyer et sauvegarder C:\Program Files\Mozilla Firefox\l2mfix\dlls\dn6801jue.dll -> Spyware.Look2Me : Nettoyer et sauvegarder C:\Program Files\Mozilla Firefox\l2mfix\dlls\en8sl1l71.dll -> Spyware.Look2Me : Nettoyer et sauvegarder C:\Program Files\Mozilla Firefox\l2mfix\dlls\j2p00c7mef.dll -> Spyware.Look2Me : Nettoyer et sauvegarder C:\Program Files\Mozilla Firefox\l2mfix\dlls\j40sled71h0.dll -> Spyware.Look2Me : Nettoyer et sauvegarder C:\Program Files\Mozilla Firefox\l2mfix\dlls\jTp00c7mef.dll -> Spyware.Look2Me : Nettoyer et sauvegarder C:\Program Files\Mozilla Firefox\l2mfix\dlls\n62u0gf9e62.dll -> Spyware.Look2Me : Nettoyer et sauvegarder C:\Program Files\Mozilla Firefox\l2mfix\dlls\n6r20g9oe6.dll -> Spyware.Look2Me : Nettoyer et sauvegarder C:\Program Files\Mozilla Firefox\l2mfix\dlls\p8p6li7s18.dll -> Spyware.Look2Me : Nettoyer et sauvegarder C:\Program Files\Mozilla Firefox\l2mfix\dlls\pGqsp.dll -> Spyware.Look2Me : Nettoyer et sauvegarder C:\Program Files\Mozilla Firefox\l2mfix\dlls\wmssvc.dll -> Spyware.Look2Me : Nettoyer et sauvegarder C:\Program Files\NewDotNet -> Adware.NewDotNet : Nettoyer et sauvegarder C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Nettoyer et sauvegarder C:\WINDOWS\Downloaded Program Files\UERSV_0001_LPNetInstaller.exe -> Not-A-Virus.Downloader.Agent.d : Nettoyer et sauvegarder C:\WINDOWS\NDNuninstall6_98.exe -> Adware.NewDotNet : Nettoyer et sauvegarder C:\WINDOWS\NDNuninstall7_14.exe -> Adware.NewDotNet : Nettoyer et sauvegarder C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Nettoyer et sauvegarder ::Fin du rapport rapport HijackThis Logfile of HijackThis v1.99.1 Scan saved at 20:13:26, on 05/02/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Apps\ActivBoard\nhksrv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Apps\ActivBoard\MMKeybd.exe C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.1\BHR4.1.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\iFinger\iFinger.exe C:\Apps\ActivBoard\TrayMon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Apps\ActivBoard\OSD.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMP\_VWUPSRV.EXE C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\System32\msiexec.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Documents and Settings\CHRISTIAN\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://qrhvesfirbncprveriyw.com/VlPV6p/MTt...w8Sw8e8a3X.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe O4 - HKLM\..\Run: [bHR4.1] C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.1\BHR4.1.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - Global Startup: iFinger 2.0.lnk = C:\Program Files\iFinger\iFinger.exe O9 - Extra button: iFinger - {936E5D60-596C-11D3-BB96-00600816DF55} - C:\WINDOWS\System32\SHDOCVW.DLL O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: AntiVir Update Temp (TmpUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMP\_VWUPSRV.EXE O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe Il reste juste un petit problème au démarrage j'ai Windows installer qui se déclenche pour installer Word 2002 alors qu'il existe déjà Maintenant que mon PC est propre Que dois je utiliser comme pare feu, anti virus et anti spyware Les gratuits donnent t -ils de bons résultats? je pense qu'il ne faut pas utiliser deux anti-spyware ou deux antivirus en même tps Merci à toute l'équipe pour m'avoir dépanné. Je peux de nouveau surfer normalement http://forum.zebulon.fr/style_images/1/fol...icons/icon1.gif http://forum.zebulon.fr/style_images/1/fol...icons/icon1.gif

Bonjour Jack j'ai supprimé Look2Me et refait un HijackThis en mode normal (et non en mode sans échec) ci-dessous rapport Lm2Fix L2mfix 010406 Creating Account. La commande s'est termin‚e correctement. Adding Administrative privleges. Checking for L2MFix account(0=no 1=yes): 1 Granting SeDebugPrivilege to L2MFIX ... successful Running From: C:\WINDOWS\system32 Killing Processes! Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 480 'smss.exe' Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 556 'winlogon.exe' Killing PID 556 'winlogon.exe' Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 1608 'explorer.exe' Killing PID 1608 'explorer.exe' Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 1368 'rundll32.exe' Killing PID 900 'rundll32.exe' Killing PID 900 'rundll32.exe' Restoring Sedebugprivilege: Granting SeDebugPrivilege to Administrateurs ... successful Scanning First Pass. Please Wait! First Pass Completed Second Pass Scanning Second pass Completed! 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). Deleting: C:\WINDOWS\system32\acphelp.dll Successfully Deleted: C:\WINDOWS\system32\acphelp.dll Deleting: C:\WINDOWS\system32\dn6801jue.dll Successfully Deleted: C:\WINDOWS\system32\dn6801jue.dll Deleting: C:\WINDOWS\system32\en8sl1l71.dll Successfully Deleted: C:\WINDOWS\system32\en8sl1l71.dll Deleting: C:\WINDOWS\system32\j2p00c7mef.dll Successfully Deleted: C:\WINDOWS\system32\j2p00c7mef.dll Deleting: C:\WINDOWS\system32\j40sled71h0.dll Successfully Deleted: C:\WINDOWS\system32\j40sled71h0.dll Deleting: C:\WINDOWS\system32\jTp00c7mef.dll Successfully Deleted: C:\WINDOWS\system32\jTp00c7mef.dll Deleting: C:\WINDOWS\system32\n62u0gf9e62.dll Successfully Deleted: C:\WINDOWS\system32\n62u0gf9e62.dll Deleting: C:\WINDOWS\system32\n6r20g9oe6.dll Successfully Deleted: C:\WINDOWS\system32\n6r20g9oe6.dll Deleting: C:\WINDOWS\system32\p8p6li7s18.dll Successfully Deleted: C:\WINDOWS\system32\p8p6li7s18.dll Deleting: C:\WINDOWS\system32\pGqsp.dll Successfully Deleted: C:\WINDOWS\system32\pGqsp.dll Deleting: C:\WINDOWS\system32\wmssvc.dll Successfully Deleted: C:\WINDOWS\system32\wmssvc.dll msg11?.dll 0 fichier(s) copi‚(s). Restoring Windows Update Certificates.: The following Is the Current Export of the Winlogon notify key: **************************************************************************** Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\ 6c,00,00,00 "Logoff"="ChainWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Logoff"="CryptnetWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] "DLLName"="cscdll.dll" "Logon"="WinlogonLogonEvent" "Logoff"="WinlogonLogoffEvent" "ScreenSaver"="WinlogonScreenSaverEvent" "Startup"="WinlogonStartupEvent" "Shutdown"="WinlogonShutdownEvent" "StartShell"="WinlogonStartShellEvent" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\CSCSettings] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\p8p6li7s18.dll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] "DLLName"="wlnotify.dll" "Logon"="SCardStartCertProp" "Logoff"="SCardStopCertProp" "Lock"="SCardSuspendCertProp" "Unlock"="SCardResumeCertProp" "Enabled"=dword:00000001 "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "StartShell"="SchedStartShell" "Logoff"="SchedEventLogOff" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] "Logoff"="WLEventLogoff" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] "DLLName"="WlNotify.dll" "Lock"="SensLockEvent" "Logon"="SensLogonEvent" "Logoff"="SensLogoffEvent" "Safe"=dword:00000001 "MaxWait"=dword:00000258 "StartScreenSaver"="SensStartScreenSaverEvent" "StopScreenSaver"="SensStopScreenSaverEvent" "Startup"="SensStartupEvent" "Shutdown"="SensShutdownEvent" "StartShell"="SensStartShellEvent" "PostShell"="SensPostShellEvent" "Disconnect"="SensDisconnectEvent" "Reconnect"="SensReconnectEvent" "Unlock"="SensUnlockEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "Logoff"="TSEventLogoff" "Logon"="TSEventLogon" "PostShell"="TSEventPostShell" "Shutdown"="TSEventShutdown" "StartShell"="TSEventStartShell" "Startup"="TSEventStartup" "MaxWait"=dword:00000258 "Reconnect"="TSEventReconnect" "Disconnect"="TSEventDisconnect" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] "DLLName"="wlnotify.dll" "Logon"="RegisterTicketExpiredNotificationEvent" "Logoff"="UnregisterTicketExpiredNotificationEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 The following are the files found: **************************************************************************** C:\WINDOWS\system32\acphelp.dll C:\WINDOWS\system32\dn6801jue.dll C:\WINDOWS\system32\en8sl1l71.dll C:\WINDOWS\system32\j2p00c7mef.dll C:\WINDOWS\system32\j40sled71h0.dll C:\WINDOWS\system32\jTp00c7mef.dll C:\WINDOWS\system32\n62u0gf9e62.dll C:\WINDOWS\system32\n6r20g9oe6.dll C:\WINDOWS\system32\p8p6li7s18.dll C:\WINDOWS\system32\pGqsp.dll C:\WINDOWS\system32\wmssvc.dll Registry Entries that were Deleted: Please verify that the listing looks ok. If there was something deleted wrongly there are backups in the backreg folder. **************************************************************************** Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5B7E41C6-577A-4826-895F-AA53296D9F30}] @="" [HKEY_CLASSES_ROOT\CLSID\{5B7E41C6-577A-4826-895F-AA53296D9F30}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5B7E41C6-577A-4826-895F-AA53296D9F30}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5B7E41C6-577A-4826-895F-AA53296D9F30}\InprocServer32] @="C:\\WINDOWS\\system32\\QAJavaNative.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{20B8C720-6E8A-4D9D-81C9-48EAC3C2174C}] @="" [HKEY_CLASSES_ROOT\CLSID\{20B8C720-6E8A-4D9D-81C9-48EAC3C2174C}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{20B8C720-6E8A-4D9D-81C9-48EAC3C2174C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{20B8C720-6E8A-4D9D-81C9-48EAC3C2174C}\InprocServer32] @="C:\\WINDOWS\\system32\\jTp00c7mef.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{681B394E-308E-4048-AD27-FE4C5BB6A54E}] @="" [HKEY_CLASSES_ROOT\CLSID\{681B394E-308E-4048-AD27-FE4C5BB6A54E}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{681B394E-308E-4048-AD27-FE4C5BB6A54E}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{681B394E-308E-4048-AD27-FE4C5BB6A54E}\InprocServer32] @="C:\\WINDOWS\\system32\\pGqsp.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A32EE1C9-C544-4E9E-97D7-3C94D14FFC23}] @="" [HKEY_CLASSES_ROOT\CLSID\{A32EE1C9-C544-4E9E-97D7-3C94D14FFC23}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A32EE1C9-C544-4E9E-97D7-3C94D14FFC23}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A32EE1C9-C544-4E9E-97D7-3C94D14FFC23}\InprocServer32] @="C:\\WINDOWS\\system32\\acphelp.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E6C69862-6961-40C3-8B4D-52DEA5B548AD}] @="" [HKEY_CLASSES_ROOT\CLSID\{E6C69862-6961-40C3-8B4D-52DEA5B548AD}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E6C69862-6961-40C3-8B4D-52DEA5B548AD}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E6C69862-6961-40C3-8B4D-52DEA5B548AD}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{892215C4-9E98-422C-AE79-7C6A9CEB57BA}] @="" [HKEY_CLASSES_ROOT\CLSID\{892215C4-9E98-422C-AE79-7C6A9CEB57BA}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{892215C4-9E98-422C-AE79-7C6A9CEB57BA}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{892215C4-9E98-422C-AE79-7C6A9CEB57BA}\InprocServer32] @="C:\\WINDOWS\\system32\\wmssvc.dll" "ThreadingModel"="Apartment" REGEDIT4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{02E812F8-6241-41D2-8A11-C256EBFD2722}"=- "{5B7E41C6-577A-4826-895F-AA53296D9F30}"=- "{20B8C720-6E8A-4D9D-81C9-48EAC3C2174C}"=- "{681B394E-308E-4048-AD27-FE4C5BB6A54E}"=- "{A32EE1C9-C544-4E9E-97D7-3C94D14FFC23}"=- "{E6C69862-6961-40C3-8B4D-52DEA5B548AD}"=- "{892215C4-9E98-422C-AE79-7C6A9CEB57BA}"=- [-HKEY_CLASSES_ROOT\CLSID\{02E812F8-6241-41D2-8A11-C256EBFD2722}] [-HKEY_CLASSES_ROOT\CLSID\{5B7E41C6-577A-4826-895F-AA53296D9F30}] [-HKEY_CLASSES_ROOT\CLSID\{20B8C720-6E8A-4D9D-81C9-48EAC3C2174C}] [-HKEY_CLASSES_ROOT\CLSID\{681B394E-308E-4048-AD27-FE4C5BB6A54E}] [-HKEY_CLASSES_ROOT\CLSID\{A32EE1C9-C544-4E9E-97D7-3C94D14FFC23}] [-HKEY_CLASSES_ROOT\CLSID\{E6C69862-6961-40C3-8B4D-52DEA5B548AD}] [-HKEY_CLASSES_ROOT\CLSID\{892215C4-9E98-422C-AE79-7C6A9CEB57BA}] REGEDIT4 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] **************************************************************************** Desktop.ini Contents: **************************************************************************** **************************************************************************** Checking for L2MFix account(0=no 1=yes): 0 Zipping up files for submission: adding: dlls/acphelp.dll (188 bytes security) (deflated 5%) adding: dlls/dn6801jue.dll (188 bytes security) (deflated 5%) adding: dlls/en8sl1l71.dll (188 bytes security) (deflated 5%) adding: dlls/j2p00c7mef.dll (188 bytes security) (deflated 4%) adding: dlls/j40sled71h0.dll (188 bytes security) (deflated 4%) adding: dlls/jTp00c7mef.dll (188 bytes security) (deflated 5%) adding: dlls/n62u0gf9e62.dll (188 bytes security) (deflated 5%) adding: dlls/n6r20g9oe6.dll (188 bytes security) (deflated 5%) adding: dlls/p8p6li7s18.dll (188 bytes security) (deflated 5%) adding: dlls/pGqsp.dll (188 bytes security) (deflated 5%) adding: dlls/wmssvc.dll (188 bytes security) (deflated 5%) adding: backregs/20B8C720-6E8A-4D9D-81C9-48EAC3C2174C.reg (188 bytes security) (deflated 70%) adding: backregs/5B7E41C6-577A-4826-895F-AA53296D9F30.reg (188 bytes security) (deflated 70%) adding: backregs/681B394E-308E-4048-AD27-FE4C5BB6A54E.reg (188 bytes security) (deflated 70%) adding: backregs/892215C4-9E98-422C-AE79-7C6A9CEB57BA.reg (188 bytes security) (deflated 70%) adding: backregs/A32EE1C9-C544-4E9E-97D7-3C94D14FFC23.reg (188 bytes security) (deflated 70%) adding: backregs/E6C69862-6961-40C3-8B4D-52DEA5B548AD.reg (188 bytes security) (deflated 70%) adding: backregs/notibac.reg (188 bytes security) (deflated 72%) adding: backregs/shell.reg (188 bytes security) (deflated 60%) rapport HijackThis Logfile of HijackThis v1.99.1 Scan saved at 11:37:11, on 05/02/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Apps\ActivBoard\nhksrv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMP\_VWUPSRV.EXE C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Apps\ActivBoard\MMKeybd.exe C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.1\BHR4.1.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\iFinger\iFinger.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Apps\ActivBoard\TrayMon.exe C:\Program Files\Microsoft Office\Office\OSA.EXE C:\Apps\ActivBoard\OSD.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\System32\msiexec.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\wuauclt.exe C:\Documents and Settings\CHRISTIAN\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://qrhvesfirbncprveriyw.com/VlPV6p/MTt...w8Sw8e8a3X.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll O3 - Toolbar: Zango Toolbar - {EA0D26BD-9029-431A-86E0-83152D67828A} - C:\Program Files\Zango Programs\Zango Toolbar\ZangoTB.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe O4 - HKLM\..\Run: [ActivSurf] C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s O4 - HKLM\..\Run: [bHR4.1] C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.1\BHR4.1.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [sOProc_RegWxSzNn] rundll32 shell32.dll,ShellExec_RunDLL C:\PROGRA~1\SOFTWA~1\soproc.exe -pack RegWxSzNn O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE O4 - Global Startup: iFinger 2.0.lnk = C:\Program Files\iFinger\iFinger.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm O9 - Extra button: iFinger - {936E5D60-596C-11D3-BB96-00600816DF55} - C:\WINDOWS\System32\SHDOCVW.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/ O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version5/Applet/vchatsign.cab O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: CSCSettings - C:\WINDOWS\system32\p8p6li7s18.dll (file missing) O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: AntiVir Update Temp (TmpUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMP\_VWUPSRV.EXE O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

Merci pour votre aide rapide j'ai désinstallé Messenger Plus 3 et le sponsor mais je n'ai pas trouvé NewDot.net dans ajout/suppression de programmes du panneau de config rapport Lm2Fix L2MFIX find log 010406 These are the registry keys present ********************************************************************************** Winlogon/notify: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] "Asynchronous"=dword:00000000 "DllName"="" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OemStartMenuData] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\e0202afmgd2a2.dll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" ********************************************************************************** useragent: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] "{8BD5C162-D161-3505-4008-2E77BE462650}"="" ********************************************************************************** Shell Extension key: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler" "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler" "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler" "{02E812F8-6241-41D2-8A11-C256EBFD2722}"="" "{5B7E41C6-577A-4826-895F-AA53296D9F30}"="" "{20B8C720-6E8A-4D9D-81C9-48EAC3C2174C}"="" "{681B394E-308E-4048-AD27-FE4C5BB6A54E}"="" "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"="Shell Extension for Malware scanning" "{A32EE1C9-C544-4E9E-97D7-3C94D14FFC23}"="" ********************************************************************************** HKEY ROOT CLASSIDS: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5B7E41C6-577A-4826-895F-AA53296D9F30}] @="" [HKEY_CLASSES_ROOT\CLSID\{5B7E41C6-577A-4826-895F-AA53296D9F30}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5B7E41C6-577A-4826-895F-AA53296D9F30}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5B7E41C6-577A-4826-895F-AA53296D9F30}\InprocServer32] @="C:\\WINDOWS\\system32\\QAJavaNative.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{20B8C720-6E8A-4D9D-81C9-48EAC3C2174C}] @="" [HKEY_CLASSES_ROOT\CLSID\{20B8C720-6E8A-4D9D-81C9-48EAC3C2174C}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{20B8C720-6E8A-4D9D-81C9-48EAC3C2174C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{20B8C720-6E8A-4D9D-81C9-48EAC3C2174C}\InprocServer32] @="C:\\WINDOWS\\system32\\jTp00c7mef.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{681B394E-308E-4048-AD27-FE4C5BB6A54E}] @="" [HKEY_CLASSES_ROOT\CLSID\{681B394E-308E-4048-AD27-FE4C5BB6A54E}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{681B394E-308E-4048-AD27-FE4C5BB6A54E}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{681B394E-308E-4048-AD27-FE4C5BB6A54E}\InprocServer32] @="C:\\WINDOWS\\system32\\pGqsp.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A32EE1C9-C544-4E9E-97D7-3C94D14FFC23}] @="" [HKEY_CLASSES_ROOT\CLSID\{A32EE1C9-C544-4E9E-97D7-3C94D14FFC23}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A32EE1C9-C544-4E9E-97D7-3C94D14FFC23}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A32EE1C9-C544-4E9E-97D7-3C94D14FFC23}\InprocServer32] @="C:\\WINDOWS\\system32\\acphelp.dll" "ThreadingModel"="Apartment" ********************************************************************************** Files Found are not all bad files: C:\WINDOWS\SYSTEM32\ acphelp.dll Sun 5 Feb 2006 10:04:44 ..S.R 234 258 228,77 K avsda.dll Wed 18 Jan 2006 13:06:02 A.... 57 344 56,00 K dn6801~1.dll Tue 24 Jan 2006 20:22:30 ..S.R 235 133 229,62 K e0202a~1.dll Sun 5 Feb 2006 4:51:46 ..S.R 234 258 228,77 K en8sl1~1.dll Tue 24 Jan 2006 19:48:22 ..S.R 236 053 230,52 K enpql1~1.dll Sun 5 Feb 2006 4:52:00 ..S.R 234 184 228,70 K gccoll~1.dll Tue 15 Nov 2005 12:12:08 A.... 126 680 123,71 K gcunco~1.dll Tue 15 Nov 2005 12:12:06 A.... 95 448 93,21 K hashlib.dll Tue 15 Nov 2005 12:12:08 A.... 117 976 115,21 K j2p00c~1.dll Sun 29 Jan 2006 20:30:50 ..S.R 234 344 228,85 K j40sle~1.dll Fri 3 Feb 2006 20:21:54 ..S.R 234 100 228,61 K jtp00c~1.dll Sun 5 Feb 2006 4:51:48 ..S.R 235 702 230,18 K msvcp71.dll Fri 27 Jan 2006 21:08:36 A.... 499 712 488,00 K msvcr71.dll Fri 27 Jan 2006 21:08:36 A.... 348 160 340,00 K n6r20g~1.dll Fri 3 Feb 2006 21:14:14 ..S.R 237 110 231,55 K pgqsp.dll Sun 5 Feb 2006 2:43:38 ..S.R 235 702 230,18 K sirenacm.dll Wed 14 Dec 2005 9:24:42 A.... 118 784 116,00 K 17 items found: 17 files (10 H/S), 0 directories. Total of file sizes: 3 714 948 bytes 3,54 M Locate .tmp files: No matches found. ********************************************************************************** Directory Listing of system files: Le volume dans le lecteur C s'appelle HDD Le num‚ro de s‚rie du volume est 2412-61FE R‚pertoire de C:\WINDOWS\System32 05/02/2006 10:04 234ÿ258 acphelp.dll 05/02/2006 04:51 234ÿ184 enpql1751.dll 05/02/2006 04:51 235ÿ702 jTp00c7mef.dll 05/02/2006 04:51 234ÿ258 e0202afmgd2a2.dll 05/02/2006 02:43 235ÿ702 pGqsp.dll 03/02/2006 21:14 237ÿ110 n6r20g9oe6.dll 03/02/2006 20:21 234ÿ100 j40sled71h0.dll 29/01/2006 20:30 234ÿ344 j2p00c7mef.dll 29/01/2006 19:15 <REP> dllcache 24/01/2006 20:22 235ÿ133 dn6801jue.dll 24/01/2006 19:48 236ÿ053 en8sl1l71.dll 10/01/2005 18:47 18ÿ432 Thumbs.db 10/10/2004 01:20 <REP> Microsoft 11 fichier(s) 2ÿ369ÿ276 octets 2 R‚p(s) 59ÿ292ÿ753ÿ920 octets libres j'ai refait un HijackThis en redémarrant l'ordi en mode sans échec sans prise en charge réseau Faut il toujours faire comme cela nouveau rapport HijackThis Logfile of HijackThis v1.99.1 Scan saved at 10:32:36, on 05/02/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\CHRISTIAN\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://qrhvesfirbncprveriyw.com/VlPV6p/MTt...w8Sw8e8a3X.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll O3 - Toolbar: Zango Toolbar - {EA0D26BD-9029-431A-86E0-83152D67828A} - C:\Program Files\Zango Programs\Zango Toolbar\ZangoTB.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe O4 - HKLM\..\Run: [ActivSurf] C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s O4 - HKLM\..\Run: [bHR4.1] C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.1\BHR4.1.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [sOProc_RegWxSzNn] rundll32 shell32.dll,ShellExec_RunDLL C:\PROGRA~1\SOFTWA~1\soproc.exe -pack RegWxSzNn O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE O4 - Global Startup: iFinger 2.0.lnk = C:\Program Files\iFinger\iFinger.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm O9 - Extra button: iFinger - {936E5D60-596C-11D3-BB96-00600816DF55} - C:\WINDOWS\System32\SHDOCVW.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/ O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version5/Applet/vchatsign.cab O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: SideBySide - C:\WINDOWS\system32\enpql1751.dll O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: AntiVir Update Temp (TmpUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMP\_VWUPSRV.EXE O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe De plus à chaque démarrage maintenant l'ordi essaie de réinstaller Word 2002 alors qu'il est déjà installé Il était pré installé quand j'ai acheté l'ordi Merci de votre réponse

Bonjour c'est la 1ere fois que j'écris dans un forum et donc dans votre forum Je viens d'avoir internet avec ADSL et j'ai plein de spyware adware .... je reçois toujours des pages de pub non demandées, les pages web que consulte sont écrasées par des pages non demandées et je suis toujours obligé de fermer des pages ou de revenir en arrière De plus il y a plein de dysfonctionnements sur mon PC quand je surfe Pouvez vous m'aider j'ai suivi votre procédure et je colle ci dessous le rapport HijackThis Logfile of HijackThis v1.99.1 Scan saved at 05:00:51, on 05/02/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\rundll32.exe C:\Apps\ActivBoard\nhksrv.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMP\_VWUPSRV.EXE C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Apps\ActivBoard\MMKeybd.exe C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Apps\ActivBoard\TrayMon.exe C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.1\BHR4.1.exe C:\Apps\ActivBoard\OSD.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\iFinger\iFinger.exe C:\Program Files\Microsoft Office\Office\OSA.EXE c:\progra~1\intern~1\iexplore.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\System32\msiexec.exe C:\WINDOWS\System32\wuauclt.exe C:\Documents and Settings\CHRISTIAN\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.iczigiujdweettjajmpjvye.net/v91...P2Pn_n6G/1.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rwcibxrbgmrldaudhprsjt.com/v91g...DxLDx7xrdc.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll O3 - Toolbar: Zango Toolbar - {EA0D26BD-9029-431A-86E0-83152D67828A} - C:\Program Files\Zango Programs\Zango Toolbar\ZangoTB.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe O4 - HKLM\..\Run: [ActivSurf] C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [THEONCEMESSJUMP] C:\Documents and Settings\All Users\Application Data\transpeaktheonce\global dart.exe O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s O4 - HKLM\..\Run: [bHR4.1] C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.1\BHR4.1.exe O4 - HKCU\..\Run: [update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [byte Grey] C:\DOCUME~1\CHRIST~1\APPLIC~1\TIMECU~1\MANAGER4.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [sOProc_RegWxSzNn] rundll32 shell32.dll,ShellExec_RunDLL C:\PROGRA~1\SOFTWA~1\soproc.exe -pack RegWxSzNn O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE O4 - Global Startup: iFinger 2.0.lnk = C:\Program Files\iFinger\iFinger.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm O9 - Extra button: iFinger - {936E5D60-596C-11D3-BB96-00600816DF55} - C:\WINDOWS\System32\SHDOCVW.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/ O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version5/Applet/vchatsign.cab O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: Reliability - C:\WINDOWS\system32\dn4001hme.dll O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: AntiVir Update Temp (TmpUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMP\_VWUPSRV.EXE O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe Merci d'avance

Bonjour c'est la 1ere fois que j'écris dans un forum et donc dans votre forum Je viens d'avoir internet avec ADSL et j'ai plein de spyware adware .... je reçois toujours des pages de pub non demandées, les pages web que consulte sont écrasées par des pages non demandées et je suis toujours obligé de fermer des pages ou de revenir en arrière De plus il y a plein de dysfonctionnements sur mon PC quand je surfe Pouvez vous m'aider j'ai suivi votre procédure et je colle ci dessous le rapport HijackThis Logfile of HijackThis v1.99.1 Scan saved at 05:00:51, on 05/02/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\rundll32.exe C:\Apps\ActivBoard\nhksrv.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMP\_VWUPSRV.EXE C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Apps\ActivBoard\MMKeybd.exe C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Apps\ActivBoard\TrayMon.exe C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.1\BHR4.1.exe C:\Apps\ActivBoard\OSD.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\iFinger\iFinger.exe C:\Program Files\Microsoft Office\Office\OSA.EXE c:\progra~1\intern~1\iexplore.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\System32\msiexec.exe C:\WINDOWS\System32\wuauclt.exe C:\Documents and Settings\CHRISTIAN\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.iczigiujdweettjajmpjvye.net/v91...P2Pn_n6G/1.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rwcibxrbgmrldaudhprsjt.com/v91g...DxLDx7xrdc.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll O3 - Toolbar: Zango Toolbar - {EA0D26BD-9029-431A-86E0-83152D67828A} - C:\Program Files\Zango Programs\Zango Toolbar\ZangoTB.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe O4 - HKLM\..\Run: [ActivSurf] C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [THEONCEMESSJUMP] C:\Documents and Settings\All Users\Application Data\transpeaktheonce\global dart.exe O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s O4 - HKLM\..\Run: [bHR4.1] C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.1\BHR4.1.exe O4 - HKCU\..\Run: [update Service] C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe /startup O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [byte Grey] C:\DOCUME~1\CHRIST~1\APPLIC~1\TIMECU~1\MANAGER4.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [sOProc_RegWxSzNn] rundll32 shell32.dll,ShellExec_RunDLL C:\PROGRA~1\SOFTWA~1\soproc.exe -pack RegWxSzNn O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE O4 - Global Startup: iFinger 2.0.lnk = C:\Program Files\iFinger\iFinger.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm O9 - Extra button: iFinger - {936E5D60-596C-11D3-BB96-00600816DF55} - C:\WINDOWS\System32\SHDOCVW.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/ O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version5/Applet/vchatsign.cab O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: Reliability - C:\WINDOWS\system32\dn4001hme.dll O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: AntiVir Update Temp (TmpUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMP\_VWUPSRV.EXE O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe Merci d'avance